Speculative Historical Malware Issue?

Hi all

Over 10 years ago I managed to get some malware or the like on a USB drive, it was called chess.exe, it basically cloned itself to every USB that then went into my PC. I managed to get rid of it back then...

Which brings us up to today, I just put an old USB into my PC (wondering what was on it), and low and behold, there was chess.exe. The USB showed up as a disk rather than a drive, 0 space available, disk icon etc. I nearly cried! Thought I had gotten rid of all the old infected USBs.

Would something like the chess.exe have any effect on a modern iMac? Let me explain... The PC in question is running Vista, and has an old copy of Malwarebytes on it, but it hasn't been connected to the internet for nearly 15 years, and I'm not about to connect it any time soon. I'd like to get a log file from Malwarebytes (and any other files needed) to the good people here, but I'm trying to work out how to do that without infecting every USB stick I have and then infecting my other PCs which are connected to the internet. I'm wondering if I can sacrifice one USB stick and upload everything via my iMac instead? Or is it likely to cause issues on the Mac too?

Any help would be greatly appreciated. Thanks all.

 

If the above doesn't make any sense, my apologies, let me know, I'll try to explain in more detail.

 

Hi Tim, thanks for this, greatly appreciated.

Brought Flash Disinfector over from the Mac on a fresh USB stick, copied it to the desktop and it ran and completed with no issues. Do I need to do anything else?

 

Is there a better way to find chess.exe than doing a simple search through the OS? I'm assuming it would try to hide itself in some way?

 

OS search has thrown nothing up, neither has Malwarebytes (older version 1.35, dbv 1945). I'll sacrifice a few cheap unused USB sticks to it, see if they get infected.

 

It was/is called ogid worm
Source: https://www.auditmypc.com/chess.asp

I guess you can look at these files on your computer
https://social.technet.microsoft.co...us-hit?forum=exchangesvrsecuremessaginglegacy

I assume that since it is from 2008, an up-to-date antivirus program would find and remove it.
Online virus scans
https://www.trendmicro.com/en_us/forHome/products/housecall.html
https://www.eset.com/int/home/online-scanner/
https://www.f-secure.com/en/home/free-tools/online-scanner

 

Thanks for these, I will work my way through them now.

Unfortunately the computer in question is not connected to the web and it won't be connected any time soon, so I need an up to date, portable programme, that will run on Vista. Not sure what my bets bet is for that.

 

Couldn't find any of those.

Seems odd that the infected USB stick was in the computer for maybe 10 to 15 seconds and didn't move itself across in some way? Or will the Flash Disinfector that I used earlier have cleaned them up?

 

Will do.

Out of interest, am I correct in thinking any infections on the PC or USB sticks are unlikely to do any damage to my Mac? I know you can't promise anything, I'm just trying to manage how many USB sticks I burn through with single usage, and how I get the logs from the off line PC back to this website without infecting anything else, I'm guessing my Mac is my best option?

 

Understood, just trying to gauge the danger.

 

I know exe things don't run in linux so I just checked and exe files also do not run on Macs.

So, take the suspected infected USB sticks. Plug them into a Mac and format them.
Here's how
https://www.macworld.com/article/234613/how-to-format-a-thumb-drive-for-both-mac-and-windows.html

You can then put the clean sticks into another computer and format them into FAT32, if that's what you need.

I use this on Windows computers to format
https://www.bleepingcomputer.com/download/hp-usb-disk-storage-format-tool/

 

@blaster_bob
Have you done this?